This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/O9usaKrUgEAZmgEEboI2zMwhay8.roa File: O9usaKrUgEAZmgEEboI2zMwhay8.roa (raw, json) Hash identifier: TeoCN9eeGOBAvs1/Si2jJZev4TVjpqPjDdBSDl3hCpg= Subject key identifier: 3B:DB:AC:68:AA:D4:80:40:19:9A:01:04:6E:82:36:CC:CC:21:6B:2F Certificate issuer: /CN=b578a461a859ddc986c08a88e9512d5c3d2210e6 Certificate serial: 019A25917E08160C077ACAC92B345DB52446 Authority key identifier: B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/O9usaKrUgEAZmgEEboI2zMwhay8.roa Signing time: Mon 27 Oct 2025 12:08:03 +0000 ROA not before: Mon 27 Oct 2025 12:08:03 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 207920 IP address blocks: 194.53.118.0/23 maxlen: 23 194.53.118.0/24 maxlen: 24 194.53.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.crl rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.mft rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 06:01:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:25:91:7e:08:16:0c:07:7a:ca:c9:2b:34:5d:b5:24:46 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b578a461a859ddc986c08a88e9512d5c3d2210e6 Validity Not Before: Oct 27 12:08:03 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=3bdbac68aad48040199a01046e8236cccc216b2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:7f:40:80:e4:29:8d:e3:35:dd:a3:5b:ab:a4: 16:5c:dd:93:5c:21:79:70:be:43:47:5f:d5:ae:cc: 6d:58:97:80:69:5d:8d:ff:6f:f8:53:ce:ff:1c:41: 18:05:96:7e:72:f5:b0:9b:59:16:a6:88:f8:bc:3a: 91:24:e4:a4:26:6c:3b:5a:e7:95:cc:23:2d:10:69: ad:04:4a:37:2a:0f:87:de:2c:a7:1b:b3:65:c7:e0: d1:0d:20:6f:10:da:53:af:e3:fa:a5:58:41:94:c2: 9c:20:fd:ae:3e:93:d2:f5:a3:65:88:68:e6:97:29: 28:b5:06:87:03:e7:05:bd:82:75:59:f7:ad:ff:58: 97:8b:a7:7c:1b:c2:de:24:0b:9a:bd:68:ce:eb:a1: c1:ee:20:31:35:93:74:b4:2b:ef:b1:3d:6a:f1:4b: 6e:3a:ac:58:ba:1f:77:8d:9a:83:b2:7c:9e:0d:2f: ba:b4:b5:a4:7f:77:42:f5:5f:f2:b5:aa:06:ae:44: e9:e7:39:3c:8f:f9:a8:dc:ad:38:76:84:f2:eb:51: 64:3c:89:0d:2e:9a:21:46:77:51:65:fc:48:bf:53: c8:1c:bf:31:9e:4c:40:b1:87:d9:89:c1:dd:46:74: c7:7b:53:ed:8e:f8:d4:40:30:7b:6e:31:4c:07:43: aa:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:DB:AC:68:AA:D4:80:40:19:9A:01:04:6E:82:36:CC:CC:21:6B:2F X509v3 Authority Key Identifier: keyid:B5:78:A4:61:A8:59:DD:C9:86:C0:8A:88:E9:51:2D:5C:3D:22:10:E6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tXikYahZ3cmGwIqI6VEtXD0iEOY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/O9usaKrUgEAZmgEEboI2zMwhay8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0cee34-5acc-42d5-a5bf-fc1c0ccbc0b7/1/tXikYahZ3cmGwIqI6VEtXD0iEOY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.53.118.0/23 Signature Algorithm: sha256WithRSAEncryption 7d:55:5e:53:01:d5:61:e9:9f:b7:51:4f:6a:9e:ad:db:84:fe: 2c:f1:68:14:ed:49:f6:2e:cd:92:99:b5:9e:9a:a7:df:cb:ad: 4a:4b:68:71:6a:7b:53:f7:10:b0:1b:78:e1:54:9d:09:3e:b0: 58:5e:dc:4e:b3:5b:89:98:e4:87:40:01:0c:85:24:65:aa:0b: db:a1:9a:91:74:ba:f8:75:54:41:f3:c5:60:e5:a6:de:66:d6: 2f:c5:20:de:5a:98:fd:7c:89:fb:73:26:8e:3b:b5:41:21:1b: 66:d6:76:d6:4c:9a:4b:b0:dc:f7:a4:3d:02:ca:03:4e:1e:20: 8e:5e:78:ab:3f:ed:b8:db:3b:06:a4:8d:d2:82:b6:f3:52:85: fc:92:72:c4:0b:81:ab:8f:9c:36:49:4b:f7:86:de:b6:89:47: 4e:71:91:66:b0:36:ef:31:8b:26:31:d6:2c:dc:8d:e2:19:8b: c6:47:59:4f:93:9a:6c:ab:8e:e5:5d:32:a8:5f:fa:a0:0a:39: 9b:a6:f7:35:42:d2:5b:6c:9d:55:1a:85:fe:9d:7d:a3:77:80: 86:60:5d:82:41:87:a5:db:86:13:81:30:82:db:9f:26:88:d0: ce:f6:67:2b:ab:56:49:89:7d:83:26:5a:3d:87:55:16:78:2a: 11:42:80:0c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZolkX4IFgwHesrJKzRdtSRGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI1NzhhNDYxYTg1OWRkYzk4NmMwOGE4OGU5NTEyZDVjM2Qy MjEwZTYwHhcNMjUxMDI3MTIwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYmRiYWM2OGFhZDQ4MDQwMTk5YTAxMDQ2ZTgyMzZjY2NjMjE2YjJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8n9AgOQpjeM13aNbq6QWXN2TXCF5 cL5DR1/VrsxtWJeAaV2N/2/4U87/HEEYBZZ+cvWwm1kWpoj4vDqRJOSkJmw7WueV zCMtEGmtBEo3Kg+H3iynG7Nlx+DRDSBvENpTr+P6pVhBlMKcIP2uPpPS9aNliGjm lykotQaHA+cFvYJ1Wfet/1iXi6d8G8LeJAuavWjO66HB7iAxNZN0tCvvsT1q8Utu OqxYuh93jZqDsnyeDS+6tLWkf3dC9V/ytaoGrkTp5zk8j/mo3K04doTy61FkPIkN LpohRndRZfxIv1PIHL8xnkxAsYfZicHdRnTHe1PtjvjUQDB7bjFMB0Oq8wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFDvbrGiq1IBAGZoBBG6CNszMIWsvMB8GA1UdIwQY MBaAFLV4pGGoWd3JhsCKiOlRLVw9IhDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdFhpa1lhaFozY21Hd0lxSTZWRXRYRDBpRU9ZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wY2VlMzQtNWFjYy00MmQ1LWE1YmYt ZmMxYzBjY2JjMGI3LzEvTzl1c2FLclVnRUFabWdFRWJvSTJ6TXdoYXk4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83Ni8wY2VlMzQtNWFjYy00MmQ1LWE1YmYtZmMxYzBjY2JjMGI3 LzEvdFhpa1lhaFozY21Hd0lxSTZWRXRYRDBpRU9ZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwjV2MA0G CSqGSIb3DQEBCwUAA4IBAQB9VV5TAdVh6Z+3UU9qnq3bhP4s8WgU7Un2Ls2SmbWe mqffy61KS2hxantT9xCwG3jhVJ0JPrBYXtxOs1uJmOSHQAEMhSRlqgvboZqRdLr4 dVRB88Vg5abeZtYvxSDeWpj9fIn7cyaOO7VBIRtm1nbWTJpLsNz3pD0CygNOHiCO XnirP+242zsGpI3SgrbzUoX8knLEC4Grj5w2SUv3ht62iUdOcZFmsDbvMYsmMdYs 3I3iGYvGR1lPk5psq47lXTKoX/qgCjmbpvc1QtJbbJ1VGoX+nX2jd4CGYF2CQYel 24YTgTCC258miNDO9mcrq1ZJiX2DJlo9h1UWeCoRQoAM -----END CERTIFICATE-----Generated at Sat Dec 6 16:20:18 2025 by rpki-client